Roman Semenov, Co-founder of Tornado Cash, Implicated in Providing Support to Lazarus Group’s Illicit Activities
In a decisive move to curb illicit financial activities linked to North Korean hackers, the U.S. Department of Treasury announced sanctions on Wednesday against Roman Semenov, a co-founder of the virtual currency mixer Tornado Cash. The sanctions were imposed for Semenov’s involvement in aiding a North Korean hacking group known as the Lazarus Group, responsible for pilfering hundreds of millions of dollars in cryptocurrency.
Tornado Cash, a cryptocurrency mixing service, found itself in the crosshairs of the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) in 2022. The latest development marks a significant step in the global effort to thwart cybercrime and disrupt the flow of ill-gotten gains.The OFAC’s press release stated, “Today, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Roman Semenov, one of three co-founders of the sanctioned virtual currency mixer Tornado Cash, for his role in providing material support to Tornado Cash and to the Lazarus Group, a state-sponsored hacking group that is an instrumentality of the Democratic People’s Republic of Korea (DPRK).”
Tornado Cash, initially introduced in 2019, was swiftly employed by criminal elements to launder funds, concealing the origins of hundreds of millions of dollars in virtual currency, which had been stolen by hackers affiliated with the Lazarus Group. The group’s actions have not only resulted in massive financial losses but also provided the DPRK with resources to fuel its prohibited ballistic missile and nuclear weapons programs.The arrest of Roman Storm, another co-founder of Tornado Cash, earlier on the same day by the Federal Bureau of Investigation, has underscored the seriousness of the situation. Additionally, the apprehension of Alexey Pertsev, the third co-founder, in the Netherlands in August 2022, demonstrates the international scope of the operation to bring the perpetrators to justice.
Highlighting the severity of the cyber attacks, the Treasury Department disclosed that “The Lazarus Group, which was sanctioned by the United States in 2019, used Tornado Cash to obfuscate the movement of over $455 million stolen in the March 2022 attack on Axie Infinity’s Ronin network bridge, the largest known virtual currency heist to date.”
The revelations point to a concerning trend wherein Tornado Cash continued to offer its services to the Lazarus Group despite being fully aware of the group’s involvement in laundering stolen virtual currency. This disregard for ethical considerations amplifies the urgency to address cybersecurity vulnerabilities within the cryptocurrency landscape.
The sanctions against Roman Semenov serve as a stern warning to those who may be tempted to facilitate cybercrime and illicit financial activities. By targeting key figures involved in these operations, the U.S. Treasury Department is signaling its commitment to safeguarding the integrity of the global financial system and disrupting the flow of funds that sustain unlawful activities.
As the international community grapples with the evolving landscape of cyber threats, the action taken by the U.S. authorities underscores the necessity for collective efforts to combat cybercrime, safeguard financial assets, and protect the digital economy from the clutches of malicious actors.